<?php

class UserAuth
{
	public static function login($username, $password)
	{
		$username=mysql_real_escape_string(htmlspecialchars($username));
		$password=mysql_real_escape_string(htmlspecialchars($password));
		$hash=md5($username.$password."titok");
		if(false===($userData=SQL::fetch("SELECT * FROM `user` WHERE `username`='$username' AND `password`='$hash'")))
		{
			return false;
		}
		return $userData;
	}
}